Many users of Office 365 email have seen an influx of emails that they used to receive successfully to their inbox now going to their junk or Spam folder.
While security enhancements are essential, this can cause problems for business if client emails are getting caught up in their spam of junk folders.
This issue is largely down to improved email security enhancements now in place in Microsoft email systems which provide the Office 365 platform. They have done this to do all they can to combat “Email Spoofing”.
Microsoft’s past research has highlighted that 91% of Fortune 500 companies do not publish strong email authentication policies which means they are open to be Spoofed by a Phisher. Unless these emails are detected by a filter using another policy then these phishing emails could get through to users and deceive them. Considering this, Microsoft have pushed ahead with implicit email authentication which is now a requirement for more successful email delivery. This excerpt below is taken from the following Microsoft Article:
“Because phishing and spear phishing is such a problem, and because of the limited adoption of strong email authentication policies, Microsoft continues to invest in capabilities to protect its customers. Therefore, Microsoft is moving ahead with implicit email authentication – if a domain doesn’t authenticate, Microsoft will treat it as if it had published email authentication records and treat it accordingly if it doesn’t pass.
To accomplish this, Microsoft has built numerous extensions to regular email authentication including sender reputation, sender/recipient history, behavioural analysis, and other advanced techniques. A message sent from a domain that doesn’t publish email authentication will be marked as spoof unless it contains other signals to indicate that it is legitimate.
By doing this, end users can have confidence that an email sent to them has not been spoofed, senders can be confident that nobody is impersonating their domain, and customers of Office 365 can offer even better protection such as Impersonation protection.”
Microsoft have increased their email security systems and this in turn is affecting everyone else’s email delivery
What you can do about this if using Office 365:
- Emails incorrectly going into Junk:
- Change the AntiSpam settings in Office 365
- Go to https://protection.office.com and sign in with your work or school account.
- In the left navigation, under Threat management, choose Policy > Anti-spam
- Define settings to suit your requirements
- You can also add domains to the “Allow List”.
For Users Experiencing Issues opening links within their Office 365 emails:
- Define an ATP Safe Links policy that applies to everyone
- When you have Advanced Threat Protection in Office 365 Enterprise, you will have an ATP Safe Links policy to define that applies to everyone in your organization. You can edit your policy in either the Security & Compliance Centre or the Exchange admin centre. We recommend using the Security & Compliance Centre to review or edit any of your ATP policies.
- Go to https://protection.office.com and sign in with your work or school account.
- In the left navigation, under Threat management, choose Policy > Safe Links.
- In the Policies that apply to the entire organization section, select Default, and then choose Edit (the Edit button resembles a pencil).
- Click Edit to edit your default policy for Safe Links protection
- In the Block the following URLs section, specify one or more URLs that you want to prevent people in your organization from visiting. (See Set up a custom blocked URLs list using ATP Safe Links.)
- In the Settings that apply to content except email section, select (or clear) the options you want to use.
- Choose Save.
The above will assist in allowing emails and web links through Office 365 protection however, if you also use external Spam filtering such as MessageLabs (Symantec) or Mimecast, you will also be required to alter settings there to allow emails and web links through. You will most likely need to speak to your IT provider to do this.
Thanks to Hallidays for sharing this article
